Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(5)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/objects-inl.h

Issue 12583013: Add AssertNoAllocation to ensure TransitionArray* transitions is safe. (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2012 the V8 project authors. All rights reserved. 1 // Copyright 2012 the V8 project authors. All rights reserved.
2 // Redistribution and use in source and binary forms, with or without 2 // Redistribution and use in source and binary forms, with or without
3 // modification, are permitted provided that the following conditions are 3 // modification, are permitted provided that the following conditions are
4 // met: 4 // met:
5 // 5 //
6 // * Redistributions of source code must retain the above copyright 6 // * Redistributions of source code must retain the above copyright
7 // notice, this list of conditions and the following disclaimer. 7 // notice, this list of conditions and the following disclaimer.
8 // * Redistributions in binary form must reproduce the above 8 // * Redistributions in binary form must reproduce the above
9 // copyright notice, this list of conditions and the following 9 // copyright notice, this list of conditions and the following
10 // disclaimer in the documentation and/or other materials provided 10 // disclaimer in the documentation and/or other materials provided
(...skipping 1472 matching lines...) Expand 10 before | Expand all | Expand 10 after
1483 set_properties(new_properties); 1483 set_properties(new_properties);
1484 } 1484 }
1485 set_map(map); 1485 set_map(map);
1486 return this; 1486 return this;
1487 } 1487 }
1488 1488
1489 1489
1490 bool JSObject::TryTransitionToField(Handle<JSObject> object, 1490 bool JSObject::TryTransitionToField(Handle<JSObject> object,
1491 Handle<Name> key) { 1491 Handle<Name> key) {
1492 if (!object->map()->HasTransitionArray()) return false; 1492 if (!object->map()->HasTransitionArray()) return false;
1493 TransitionArray* transitions = object->map()->transitions(); 1493 Handle<Map> target;
1494 int transition = transitions->Search(*key); 1494 {
1495 if (transition == TransitionArray::kNotFound) return false; 1495 AssertNoAllocation no_allocation;
1496 PropertyDetails target_details = transitions->GetTargetDetails(transition); 1496 TransitionArray* transitions = object->map()->transitions();
1497 if (target_details.type() != FIELD) return false; 1497 int transition = transitions->Search(*key);
1498 if (target_details.attributes() != NONE) return false; 1498 if (transition == TransitionArray::kNotFound) return false;
1499 Handle<Map> target(transitions->GetTarget(transition)); 1499 PropertyDetails target_details = transitions->GetTargetDetails(transition);
1500 if (target_details.type() != FIELD) return false;
1501 if (target_details.attributes() != NONE) return false;
1502 target = Handle<Map>(transitions->GetTarget(transition));
1503 }
1500 JSObject::AddFastPropertyUsingMap(object, target); 1504 JSObject::AddFastPropertyUsingMap(object, target);
1501 return true; 1505 return true;
1502 } 1506 }
1503 1507
1504 1508
1505 int JSObject::LastAddedFieldIndex() { 1509 int JSObject::LastAddedFieldIndex() {
1506 Map* map = this->map(); 1510 Map* map = this->map();
1507 int last_added = map->LastAdded(); 1511 int last_added = map->LastAdded();
1508 return map->instance_descriptors()->GetFieldIndex(last_added); 1512 return map->instance_descriptors()->GetFieldIndex(last_added);
1509 } 1513 }
(...skipping 4508 matching lines...) Expand 10 before | Expand all | Expand 10 after
6018 #undef WRITE_UINT32_FIELD 6022 #undef WRITE_UINT32_FIELD
6019 #undef READ_SHORT_FIELD 6023 #undef READ_SHORT_FIELD
6020 #undef WRITE_SHORT_FIELD 6024 #undef WRITE_SHORT_FIELD
6021 #undef READ_BYTE_FIELD 6025 #undef READ_BYTE_FIELD
6022 #undef WRITE_BYTE_FIELD 6026 #undef WRITE_BYTE_FIELD
6023 6027
6024 6028
6025 } } // namespace v8::internal 6029 } } // namespace v8::internal
6026 6030
6027 #endif // V8_OBJECTS_INL_H_ 6031 #endif // V8_OBJECTS_INL_H_
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698